package com.dou.you.che.web.controller.sys;

import com.dou.you.che.web.controller.base.BaseAct;
import com.dou.you.che.comm.annotation.SysLogI;
import com.dou.you.che.comm.utils.constant.Constant;
import com.dou.you.che.comm.utils.page.PageUtils;
import com.dou.you.che.comm.utils.query.QueryParam;
import com.dou.you.che.comm.utils.response.RspData;
import com.dou.you.che.comm.utils.validator.Assert;
import com.dou.you.che.comm.utils.validator.ValidatorUtils;
import com.dou.you.che.comm.utils.validator.group.AddGroup;
import com.dou.you.che.comm.utils.validator.group.UpdateGroup;
import com.dou.you.che.core.entity.sys.SysUser;
import com.dou.you.che.service.sys.SysUserRoleServiceI;
import com.dou.you.che.service.sys.SysUserServiceI;
import com.dou.you.che.web.comm.utils.shiro.ShiroUtils;
import org.apache.commons.lang.ArrayUtils;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.apache.shiro.crypto.hash.Sha256Hash;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.*;

import java.util.List;
import java.util.Map;

/**
 * 系统用户
 * @Author 黄国刚【1058118328@qq.com】
 */
@RestController
@RequestMapping("/sys/user")
public class SysUserAct extends BaseAct {

    @Autowired
    private SysUserServiceI sysUserService;
    @Autowired
    private SysUserRoleServiceI sysUserRoleService;

    /**
     * 所有用户列表
     */
    @SysLogI("所有用户列表")
    @RequestMapping("/list")
    @RequiresPermissions("sys:user:list")
    public RspData list(@RequestParam Map<String, Object> params) {
        //只有超级管理员，才能查看所有管理员列表
        if (!Constant.SUPER_ADMIN.equals(getUserId())) {
            params.put("createUser", getUserId());
        }

        //查询列表数据
        QueryParam query = new QueryParam(params);
        List<SysUser> userList = sysUserService.queryList(query);
        int total = sysUserService.queryTotal(query);

        PageUtils pageUtil = new PageUtils(userList, total, query.getLimit(), query.getPage());

        return RspData.ok().put("page", pageUtil);
    }

    /**
     * 获取登录的用户信息
     */
    @SysLogI("获取登录的用户信息")
    @RequestMapping("/info")
    public RspData info() {
        return RspData.ok().put("user", getUser());
    }

    /**
     * 修改登录用户密码
     */
    @SysLogI("修改密码")
    @RequestMapping("/password")
    public RspData password(String password, String newPassword) {

        if(isTest){
            return RspData.error("演示模式不允许操作");
        }
        Assert.isBlank(newPassword, "新密码不为能空");

        //sha256加密
        password = new Sha256Hash(password).toHex();
        //sha256加密
        newPassword = new Sha256Hash(newPassword).toHex();

        if (password.equals(newPassword)) {
            return RspData.error("密码不能与原密码相同");
        }

        //更新密码
        int count = sysUserService.updatePassword(getUserId(), password, newPassword);
        if (count == 0) {
            return RspData.error("原密码不正确");
        }

        //退出
        ShiroUtils.logout();

        return RspData.ok("密码修改成功");
    }

    /**
     * 用户信息
     */
    @SysLogI("用户信息")
    @RequestMapping("/info/{userId}")
    @RequiresPermissions("sys:user:info")
    public RspData info(@PathVariable("userId") String userId) {
        SysUser user = sysUserService.queryObject(userId);

        //获取用户所属的角色列表
        List<String> roleIdList = sysUserRoleService.queryRoleIdList(userId);
        user.setRoleIdList(roleIdList);

        return RspData.ok().put("user", user);
    }

    /**
     * 保存用户
     */
    @SysLogI("保存用户")
    @RequestMapping("/save")
    @RequiresPermissions("sys:user:save")
    public RspData save(@RequestBody SysUser user) {

        if(isTest){
            return RspData.error("演示模式不允许操作");
        }

        ValidatorUtils.validateEntity(user, AddGroup.class);

        user.setCreateUser(getUserId());
        sysUserService.save(user);

        return RspData.ok();
    }

    /**
     * 修改用户
     */
    @SysLogI("修改用户")
    @RequestMapping("/update")
    @RequiresPermissions("sys:user:update")
    public RspData update(@RequestBody SysUser user) {

        if(isTest){
            return RspData.error("演示模式不允许操作");
        }
        ValidatorUtils.validateEntity(user, UpdateGroup.class);

        user.setCreateUser(getUserId());
        sysUserService.update(user);

        return RspData.ok();
    }

    /**
     * 删除用户
     */
    @SysLogI("删除用户")
    @RequestMapping("/delete")
    @RequiresPermissions("sys:user:delete")
    public RspData delete(@RequestBody String[] userIds) {

        if(isTest){
            return RspData.error("演示模式不允许操作");
        }

        if (ArrayUtils.contains(userIds, 1L)) {
            return RspData.error("系统管理员不能删除");
        }

        if (ArrayUtils.contains(userIds, getUserId())) {
            return RspData.error("当前用户不能删除");
        }

        sysUserService.deleteBatch(userIds);

        return RspData.ok();
    }
}
